Identification documents and authentication of such documents

ABSTRACT

The present invention relates generally to identification documents. One claim recites an apparatus to authentic an identification document. The identification document comprising first machine-readable information including a first plural-bit message, and semantic information carried on or in the identification document. The apparatus includes: a first reader to read the first machine-readable information to obtain the first plural-bit message; a second reader to obtain information from the semantic information carried on or in the identification document; an electronic processor programmed as a decryption unit to decrypt the first plural-bit message or the information obtained from the semantic information; and an electronic processor programmed as a decision unit to determine whether the identification document is authentic based at least in part on the first plural-bit message and the semantic information. Other claims and combinations are provided as well.

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 11/626,150, filed Jan. 23, 2007 (U.S. Pat. No. 7,639,837) which is a continuation of U.S. patent application Ser. No. 11/286,154, filed Nov. 23, 2005 (U.S. Pat. No. 7,269,275) which is a continuation of application Ser. No. 10/011,129 (U.S. Pat. No. 6,970,573) which are each hereby incorporated by reference. The 10/011,129 application is a continuation of U.S. patent application Ser. No. 09/422,780, filed Nov. 18, 1999 (U.S. Pat. No. 6,389,151) which claims the benefit of U.S. Provisional Patent Application No. 60/109,259, filed Nov. 19, 1998. The 09/442,780 application is also a continuation in part of U.S. patent application Ser. No. 09/074,034, filed May 6, 1998 (now U.S. Pat. No. 6,449,377). The 10/011,129 application is also a continuation in part of U.S. patent application Ser. No. 09/198,022, filed Nov. 23, 1998 (now U.S. Pat. No. 6,546,112) which is a continuation of U.S. patent application Ser. No. 08/763,847, filed Dec. 4, 1996 (now U.S. Pat. No. 5,841,886) which is a continuation of U.S. patent application Ser. No. 08/512,993, filed Aug. 9, 1995 (now abandoned).

FIELD OF THE INVENTION

The present invention relates to security documents such as passports, driver's licenses, credit cards, etc. and to systems for producing and validating such documents.

BACKGROUND OF THE INVENTION

Many security documents contain a picture of the owner of the document. For example, a driver's license generally includes a picture of the driver and a passport generally includes a picture of the owner of the passport. Validation of such documents is performed by comparing the actual physical appearance of the person possessing the document to the picture on the document. A common counterfeiting technique involves replacing the picture on a security document with a picture of someone who is not the owner of the document.

U.S. Pat. No. 5,841,886 which will issue Nov. 24, 1998 describes a technique whereby a digital watermark is included in the picture on a security document. The security document contains human readable text that is related to the data contained in the watermark. The document can be inserted into a scanner which will read the watermark and the operator can compare the output of watermark reader to the text to insure that the person possessing the document is the legitimate owner.

Custom printing systems are available which accept data from multiple sources and which produce documents which are tailored to individual customer characteristics or to information concerning an individual customer. Such systems can for example produce personalized documents that include both fixed information that is on each document that is printed and variable information such as personal information about an individual's account at an institution such as a bank. One such system is commercially marketed under the trademark “PageFlex” by Bitstream Inc. or Cambridge Mass.

Likewise the technology for producing images which contain steganographic information in the form of digital watermarks is well developed. For example see U.S. Pat. No. 5,636,292, U.S. Pat. No. 5,748,783 or the “Communications of the ACM” published July 1998 Vol. 41. No. 7 pages 31 to 77. Commercial products which can store and read digital watermarks are also widely available. Examples of such products include “Adobe PhotoShop” Versions 4.0 and 5.0 and “Adobe ImageReady” Version 1.0 which are marketed by Adobe Corporation, “CorelDRAW” Versions 7 and 8, and “Corel PHOTO-PAINT” Versions 7 and 8 which are marketed by Corel Corporation, and Micrografx Webtricity” Versions 1 and 2, “Micrografx Graphics Suite 2”, and “Micrografx Picture Publisher” Versions 7 and 8 which are marketed by Micrografx Corporation.

Security documents such as passports and drivers licenses have traditionally contained both images and printed text. However, the images and the text in such documents are generally prepared in separate processes and merely merged at a final step in the overall production.

The present invention is directed to an improved security document which has several correlated multi-level self validating features. The present invention is also directed to an improved overall method and system for producing security documents and to automatic authentication systems for such documents. With the present invention the document contains a number of different kinds of information that is hidden from normal view and which can be correlated to validate the document. The validation can be done entirely automatically decreasing the need for human intervention.

With the prior art systems, a human being such as an immigration officer must examine a passport to determine if the person presenting the document is the rightful owner of the document. With the present invention, the authentication can be done entirely automatically, leaving the human operator free to handle non-routine situations.

SUMMARY OF THE INVENTION

The present invention provides security documents which has multiple fields or areas each of which contains information that is perceptible in more than one way. For example, one field can contain a visually perceptible image and a digital watermark that can be detected when the image is scanned and processed, another field can contain machine readable OCR text that can be read by both a human and by a programmed computer, and still another field can contain watermark data which can be correlated to the output of a fingerprint reader or apparatus which scans a user's iris.

Documents in accordance with the present invention are produced by a system and method which begins with a template which defines the placements of elements on the document and the interrelationships between hidden and visual information on the document. That is, the template specifies the placement of elements such as images, photographs, and text and it also specifies the interrelationship between information that is visually perceptible to a user of the document and information that is hidden (not perceptible to a user) by means of digital watermarks. Different hidden digital watermark data is included in multiple elements of the document. The watermarks in the different graphic elements of the document are correlated to each other and correlated to the visual material on the document. In this way the document can not be forged by replacing one element (such as a picture) with a similar element from another document. In order to produce a document defined by a particular template, appropriate pictures, graphics and digital data are extracted from a data bank, and watermark data is embedded in the pictures and graphics as appropriate. The merged digital data is then sent to a printing engine and the final document is produced.

An automatic validation system of the present invention reads multiple fields on the document, and it also automatically detects information about the user. The various information is correlated to validate the document.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a security document in accordance with the present invention.

FIG. 2 is an overall diagram of a preferred embodiment of a system to produce security documents in accordance with the present invention.

FIG. 3 is a diagram of a document validation system that operates in accordance with the present invention.

DESCRIPTION OF A PREFERRED EMBODIMENT

A diagram of a security document in accordance with the present invention is shown in FIG. 1. The security features on the document are a pre-printed background 11 which has an image or pattern (not visible in FIG. 1) which contains a digital watermark. The image in background 11 may contains lines the width of which are varied to carry a watermark in accordance with the technique described in co-pending application Ser. No. 09/074,034 filed May 6, 1998 (now U.S. Pat. No. 6,449,377), the disclosure of which in incorporated herein in its entirety.

The document also contains a photograph 12 which shows the owner of the document. This photograph 12 contains a watermark such as that described in U.S. Pat. No. 5,841,886 which will issue Nov. 24, 1998. The personalized background 14 can for example be a background image which corresponds to the image 12. While the personalized image 14 corresponds to the photograph 12, in area 14 the image is printed as a background image. Background images of various types are conventional, for example personal checks frequently have background images of animals, mountains, etc. The background text makes it hard to change the human readable text 15 which is printed over the background text. The bottom of the document has machine readable OCR-B text 16 and a Bar code 17.

It should be clearly understood that the document shown in FIG. 1 is merely illustrative of the various elements that can be combined to form a security document. The exact layout can vary depending upon the needs of the particular application. If desired for a particular application, the document can be much more complex than the document shown in FIG. 1. The document can have many more fields and elements than does the document shown in FIG. 1. Furthermore the document could contain the various other known technology for preventing counterfeiting such as special paper and special ink.

Document shown in FIG. 1 can for example be a document such as a driver's license in which case the picture 12 would be a picture of the owner of the license. Graphic image 11 could for example be a state seal. The text 15 could for example include the driver's license number, the owner's age, and the owner's address.

Document 10 can be a passport. In a passport, the hidden digital watermark data in picture 12 and in the other fields could be coordinated as follows:

Watermark contains Correlates to Pre-printed unique document “batch” background 11 number Photo 12: Batch number and passport OCR-B version of passport number (cryptographically number, Human readable encoded) passport number, Master document Personalized “hash” of fingerprint fingerprint of the holder background 14 which is automatically read Bar code 17 Passport number Watermark in photo 12 (in code not in watermark) OCR-B text 16 Passport number Batch Info in photo 12, back- number (in text not ground 11 And Bar code 17 in watermark)

An important point is that the various elements of hidden and visual information are coordinated in such a manner that the document is self authenticating. The hidden data in one field can be correlated with the hidden data in another field to insure that the document has not been altered.

If for example one tried to alter a document by replacing picture 12 with a different picture, the new picture would either contain no hidden data, or if it were a picture taken from a different document, the numbers stored in the picture would not match the printed information in text field 15.

If the picture from one document were substituted for the picture in a second document, the cryptographically encoded serial numbers could be used to determine the origin of the picture. It is noted that while in the example shown above, both the Batch number and passport number are cryptographically encoded, other numbers such as a serial number or an ID number could also be encoded in a special manner.

FIG. 2 shows an overall diagram of a system for producing document 10. The system includes a number of units, the operation of which is controlled and coordinated by a control computer 20. The following explanation will illustrate how the embodiment shown in FIG. 2 can be used to produce a document such as the document shown in FIG. 1.

A template 21 is used to define the overall characteristics of a document. The characteristics specified by template 21, including the fields on the document, the data printed in any text fields and the watermarks included in each image included on the document.

The template 21 is used by document layout device 26 to layout a particular document for production. Data which is to be included in the watermarks in any image field are stored in Watermark data store 22. Any pictures, text data, and Graphics are stored in units 23, 24 and 25 respectively.

The document layout from unit 26, the digital watermark data from unit 22 and the pictures, text data and graphics from units 23, 24, and 25 are sent to Merging and watermarking unit 27. Unit 27 applies watermarks to pictures and graphics as specified by the layout information from unit 11. Application of the watermarks to the pictures and graphics can be done in a conventional manner; however, prior to sending the watermark payload (i.e. the data stored in the watermark) to the watermarking engine, the data can be passed through a conventional encryption program. Encrypting the payload data provides an added assurance that a counterfeiter could not make a counterfeit document. The level of encryption could be any level appropriate to the value of the document.

The output from the Merging and watermarking unit 27 is then sent to a conventional printing engine 28 which produces a final document 10.

Watermark Data storage 22, picture storage 23, digital data storage 24 and graphics storage 25 can be conventional data storage servers. Physically they could all be provided by one physical storage unit. Template input unit 21 is a conventional interactive terminal or personal computer with a graphic design program. Merging and watermarking unit 27 can be a conventional watermarking engine.

The system shown in FIG. 2 produces various parts of the security document in a single step, thereby making it much harder to replace one element on a security document with a similar element from another document.

FIG. 3 is a diagram of a document self authentication unit in accordance with the present invention. The system has three input units, each of which is conventional and commercially available. The input units are a magnetic stripe reader 301, a high resolution image scanner 302, and a fingerprint reader 303. The document 10, shown in FIG. 1 does not include a magnetic stripe, but one of the alternatives for such a document is to include a magnetic stripe.

The output from scanner 302 goes to three units (that is, to three computer programs) 305, 307 and 311. Alternatively, the bar code reader 305 could be a separate unit which directly reads the bar code and provides information to comparison and authentication unit 312.

If the bar code reader 305 is a computer program which receives information from the output of scanner 302, the program 305 will read the bar code 17. OCR program 307 reads the text 15 and the text 16 and watermark detector 311 reads the watermarks in images 11, 12 and 14.

An authentication and comparison unit 312 compares the data from units 301, 303, 305, 307 and 311 to determine if the data matches. If the data in some of the watermarks is encrypted, the comparison and authentication unit 312 would include an appropriate decryption program. The decryption program in unit 312 could obtain the decryption key from remote data base 314 in response to the number read by one of the devices. Alternatively, the encrypted data could be automatically sent to a central facility for decryption. The unit 312 can also access a remote data base 314 to determine if there is any special handling that is required for the document that has been presented. For example data base 314 could contain information about passports that have been cancelled for various reasons. The resulting information is displayed on a display unit 320. 

1. An apparatus to authenticate an identification document, the identification document comprising: an image including steganographically encoded first machine-readable information including a first plural-bit message, a background including steganographically encoded second machine-readable information including a second plural-bit message, and semantic information including authentication information carried on or in the identification document, the apparatus comprising: a first reader configured to determine the first plural-bit message based on the first machine-readable information and determine the second plural-bit message based on the second machine-readable information; a second reader configured to determine authentication information from the semantic information carried on or in the identification document; and an electronic processor configured to: decrypt the first plural-bit message or the authentication information; and determine whether the identification document is authentic based at least in part on the first plural-bit message, the second plural-bit message, and the authentication information, wherein the second plural-bit message comprises information from the first plural-bit message and the authentication information.
 2. The apparatus of claim 1, wherein the semantic information comprises optical character recognition (OCR) characters.
 3. The apparatus of claim 1, wherein the semantic information comprises data representing a photograph.
 4. The apparatus of claim 1, wherein the first reader and the second reader are configured to process optical scan data.
 5. The apparatus of claim 1, wherein the first machine-readable information comprises a digital watermark.
 6. The apparatus of claim 1, wherein the electronic processor is further configured to access a decryption key stored in a remote location that is associated with the identification document via an identifier carried on or in the identification document.
 7. The apparatus of claim 6, wherein the identifier is carried by machine-recognizable indicia on or in the identification document.
 8. The apparatus of claim 7, wherein the machine-recognizable indicia comprises a digital watermark.
 9. The apparatus of claim 1, wherein the first plural-bit message comprises information from the authentication information.
 10. A method of authenticating an identification document, the identification document comprising: an image including steganographically encoded first machine-readable information including a first plural-bit message, a background including steganographically encoded second machine-readable information including a second plural-bit message, and semantic information including authentication information carried on or in the identification document, the method comprising: determining, using a processor, the first plural-bit message based on the first machine-readable information; determining the second plural-bit message based on the second machine-readable information; determining the authentication information from the semantic information carried on or in the identification document; decrypting the first plural-bit message or the authentication information; and determining whether the identification document is authentic based at least in part on the first plural-bit message, the second plural-bit message, and the authentication information, wherein the second plural-bit message comprises information from the first plural-bit message and the authentication information.
 11. The method of claim 10, wherein the first plural-bit message comprises information from the authentication information.
 12. The method of claim 10, wherein the semantic information comprises optical character recognition (OCR) characters.
 13. The method of claim 10, wherein the semantic information comprises data representing a photograph and the first machine-readable information comprises a digital watermark.
 14. The method of claim 10, wherein the first reader and the second reader are configured to process optical scan data.
 15. The method of claim 10, further comprising accessing a decryption key stored in a remote location that is associated with the identification document via an identifier carried on or in the identification document.
 16. The method of claim 15, wherein the identifier comprises a digital watermark.
 17. A non-transitory computer-readable medium having instructions stored thereon that, if executed by a computing device, cause the computing device to perform operations for authenticating an identification document, the identification document comprising: an image including steganographically encoded first machine-readable information including a first plural-bit message, a background including steganographically encoded second machine-readable information including a second plural-bit message, and semantic information including authentication information carried on or in the identification document, the operations comprising: determining the first plural-bit message based on the first machine-readable information; determining the second plural-bit message based on the second machine-readable information; determining the authentication information from the semantic information carried on or in the identification document; decrypting the first plural-bit message or the authentication information; and determining whether the identification document is authentic based at least in part on the first plural-bit message, the second plural-bit message, and the authentication information, wherein the second plural-bit message comprises information from the first plural-bit message and the authentication information.
 18. The computer-readable medium of claim 17, wherein the first plural-bit message comprises information from the authentication information.
 19. The computer-readable medium of claim 17, wherein the semantic information comprises optical character recognition (OCR) characters.
 20. The computer-readable medium of claim 17, wherein the semantic information comprises data representing a photograph and the first machine-readable information comprises a digital watermark.
 21. The computer-readable medium of claim 17, wherein the first reader and the second reader are configured to process optical scan data.
 22. The computer-readable medium of claim 17, wherein the operations further comprise accessing a decryption key stored in a remote location that is associated with the identification document via an identifier carried on or in the identification document. 